1 Answer
- Newest
- Most votes
- Most comments
1
Can you confirm the customer is taking the approach outline here? Essentially the solution to the question you're posing is alarm enrichment and typically that happens by additional plumbing that queries the resource(s) in question. As a CloudWatch alarm is just that (an alarm) based off a predefined metric, getting enrichment data directly would be challenging. The metric is simply counting how many times specific eventNames occur in your log group.
To get more detail (without doing enrichment), it seems like a Config rule sending data via a Event Bridge/CloudWatch Event Rule that triggers a Lambda function and/or SNS topic may yield the information the customer wants? There is a slightly dated by still useful walk-through here.
Relevant content
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 3 years ago
Adding a host of links to read defeats the whole purpose of the Q&A forum. Adding an example will surely help.